[c-nsp] Problem with LWAP over gre/ipsec

Jens S Andersen jsa at aua.auc.dk
Fri Dec 19 08:55:37 EST 2008

Hello all

Has anybody on the list tried running LWAP thru a GRE/IPsec tunnel?

People connecting to LWAP access-points on the far end of the GRE/IPsec tunnel
have problems which almost certainly are related to MTU.

My tunnel configuration is:

interface Tunnel2
 ip address xx.xx.xx.xx
 ip mtu 1418
 ip tcp adjust-mss 1300
 tunnel source Loopback0
 tunnel destination yy.yy.yy.yy
 tunnel path-mtu-discovery
 crypto map aue-gw2-sdu

The WiSM software is version

Reducing the mss-size to 1300 on the relevant SVI on the WiSM switch/router
helps, at least on the tcp sessions.

It seems that PMTU does not work om LWAP/GRE/IPsec?

Jens S Andersen                 Email:  jsa at adm.aau.dk
Aalborg University              Telf:   9940 9464
Selma Lagerlöfs Vej 300, 4.1.03 Fax:    9940 7593
9220 Aalborg

More information about the cisco-nsp mailing list